Can we protect against computers being fingerprinted?

July 18, 2016, University of Adelaide
Credit: Wikipedia

Imagine that every time a person goes out in public, they leave behind a track for all to see, so that their behaviour can be easily analysed, revealing their identity.

This is the case with people's online browser "fingerprints", which are left behind at each location they visit on their .

Almost like a regular fingerprint, a person's browser fingerprint – or "browserprint" – is often unique to the individual. Such a fingerprint can be monitored, tracked and identified by companies and hackers.

Researchers at the University of Adelaide are working to find new methods of protecting against the fingerprinting of personal computers – and are now giving members of the community the chance to see firsthand their own computer browserprint.

"Fingerprinting on computers is invisible to most people but there are companies out there who are already using these techniques to learn more information about individuals, about their interests and their habits," says Lachlan Kang, a Computer Science PhD student who is conducting this study as part of a wider project on privacy, within in the University's Schools of Computer Science and Mathematical Sciences.

"This can be quite powerful information to have, especially if it's used to tailor advertising to you. In countries that are less benign than ours, it could also be used to spy on people," he says.

"Computer users generally are growing in awareness of , but currently there's little that can be done to counter fingerprinting. This is because fingerprints build up in between the websites you're visiting – your browsing history and can be pooled in the gaps between those websites. Simply clearing your browsing history won't make any difference to this, because the information is already out there."

Mr Kang is seeking the public's help to better understand which fingerprinting techniques are the most powerful, so that he can help to build defences against them.

"Eventually we hope that people will be able to protect themselves from being fingerprinted, or tracked without their consent. But in order to do this, we need to analyse a large number of online fingerprints – as many as 10,000 of them would be helpful. Currently we have 2500, which is a great start," he says.

"No personal will be retained for our project. We're simply looking for the data, which will be rendered anonymous for ethical reasons."

Explore further: Share button may share your browsing history, too

More information: For more information or to see your own browserprint, visit: browserprint.info

Related Stories

Share button may share your browsing history, too

July 22, 2014

One in 18 of the world's top 100,000 websites track users without their consent using a previously undetected cookie-like tracking mechanism embedded in 'share' buttons. A new study by researchers at KU Leuven and Princeton ...

Quantum fingerprinting surpasses classical limit

July 5, 2016

(Phys.org)—As the saying goes, no two fingerprints are alike, and the same is true for quantum fingerprints. Just as a human fingerprint is only a fraction of the size of a person, yet can be used to distinguish between ...

Privacy analysis shows battery status API as tracking tool

August 4, 2015

That same HTML5 battery status function that lets you see how you're doing and how much juice you have left could also leave you vulnerable: A Mashable senior editor, Stan Schroeder, reported Tuesday on a paper that shows ...

Recommended for you

Coffee-based colloids for direct solar absorption

March 22, 2019

Solar energy is one of the most promising resources to help reduce fossil fuel consumption and mitigate greenhouse gas emissions to power a sustainable future. Devices presently in use to convert solar energy into thermal ...

3 comments

Adjust slider to filter visible comments by rank

Display comments: newest first

baudrunner
not rated yet Jul 18, 2016
Tracking someone's browsing habits is no more difficult than accessing the user MRU list in the registry, a simple procedure for someone who knows that. Registry cleaners delete the contents of that list, making the process of targeting ads a little more difficult for prying bots.

Temporarily disconnecting and reconnecting your internet hookup refreshes your previous IP address to a new unique IP address. Did you know that?

Using search engines like Duckduckgo offers an additional level of privacy, since they do not track your searches.

There are any number of ways to keep prying hacks from analyzing your personal browsing habits. It's no work at all, really.
Eikka
5 / 5 (1) Jul 19, 2016
Temporarily disconnecting and reconnecting your internet hookup refreshes your previous IP address to a new unique IP address. Did you know that?


Not always. Your networking hardware has a unique code called the MAC for Machine Address Code which the service provider uses to assign you your IP. They may assign you different ones at their will, or they may assing you the same one. The MAC is hardcoded in to enable networks to automatically assign addresses.

That is the case under IPv4, whereas under IPv6 part of your public address will be automatically formed out of your device's MAC in two parts: network specific part that depends on your service provider, and device specific part that depends on the MAC. That will enable outsiders to know who you are or at least what device is being used, and - by asking the service provider - where you are.

Changing the MAC is possible in theory, but practically not in most devices by most users.
Eikka
5 / 5 (1) Jul 19, 2016
In most desktop PCs with an integrated network card, you can change some of the bits of the MAC from the BIOS setup software, but that has the effect of tagging the code as "user modified" and it may be rejected by the service provider. Reason being that people used to hack around filters by changing their MAC, so they could e.g. get back on forums they were banned from, or vote multiple times on online polls etc.

If not, their computers go "Hey, a new device" and give you a new address.

For routers and wireless access points, and other devices provided by the ISP, it's often impossible to change without breaking out the soldering iron and chip programmers.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.